sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

MdeModulePkg: Refine casting expression result to bigger size

Browse Source 
There are cases that the operands of an expression are all with rank less
than UINT64/INT64 and the result of the expression is explicitly cast to
UINT64/INT64 to fit the target size.

An example will be:
UINT32 a,b;
// a and b can be any unsigned int type with rank less than UINT64, like
// UINT8, UINT16, etc.
UINT64 c;
c = (UINT64) (a + b);

Some static code checkers may warn that the expression result might
overflow within the rank of "int" (integer promotions) and the result is
then cast to a bigger size.

The commit refines codes by the following rules:
1). When the expression is possible to overflow the range of unsigned int/
int:
c = (UINT64)a + b;

2). When the expression will not overflow within the rank of "int", remove
the explicit type casts:
c = a + b;

3). When the expression will be cast to pointer of possible greater size:
UINT32 a,b;
VOID *c;
c = (VOID *)(UINTN)(a + b); --> c = (VOID *)((UINTN)a + b);

4). When one side of a comparison expression contains only operands with
rank less than UINT32:
UINT8 a;
UINT16 b;
UINTN c;
if ((UINTN)(a + b) > c) {...} --> if (((UINT32)a + b) > c) {...}

For rule 4), if we remove the 'UINTN' type cast like:
if (a + b > c) {...}
The VS compiler will complain with warning C4018 (signed/unsigned
mismatch, level 3 warning) due to promoting 'a + b' to type 'int'.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
This commit is contained in:
Hao Wu
2017-02-24 10:01:34 +08:00
parent 95ba3d92dc
commit 16f6922709
34 changed files with 110 additions and 118 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c
View File

@@ -1,7 +1,7 @@
/** @file
Entry and initialization module for the browser.
Copyright (c) 2007 - 2016, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2007 - 2017, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2014, Hewlett-Packard Development Company, L.P.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -540,7 +540,7 @@ GetLineByWidth (
//
// Need extra glyph info and '\0' info, so +2.
//
*OutputString = AllocateZeroPool (((UINTN) (StrOffset + 2) * sizeof(CHAR16)));
*OutputString = AllocateZeroPool ((StrOffset + 2) * sizeof(CHAR16));
if (*OutputString == NULL) {
return 0;
}
@@ -2972,7 +2972,7 @@ UiDisplayMenu (
gST->ConOut->SetAttribute (gST->ConOut, GetInfoTextColor ());
for (Index = 0; Index < HelpHeaderLine; Index++) {
ASSERT (HelpHeaderLine == 1);
ASSERT (GetStringWidth (HelpHeaderString) / 2 < (UINTN) (gHelpBlockWidth - 1));
ASSERT (GetStringWidth (HelpHeaderString) / 2 < ((UINT32) gHelpBlockWidth - 1));
PrintStringAtWithWidth (
gStatementDimensions.RightColumn - gHelpBlockWidth,
Index + TopRow,
@@ -3053,7 +3053,7 @@ UiDisplayMenu (
gST->ConOut->SetAttribute (gST->ConOut, GetInfoTextColor ());
for (Index = 0; Index < HelpBottomLine; Index++) {
ASSERT (HelpBottomLine == 1);
ASSERT (GetStringWidth (HelpBottomString) / 2 < (UINTN) (gHelpBlockWidth - 1));
ASSERT (GetStringWidth (HelpBottomString) / 2 < ((UINT32) gHelpBlockWidth - 1));
PrintStringAtWithWidth (
gStatementDimensions.RightColumn - gHelpBlockWidth,
BottomRow + Index - HelpBottomLine + 1,